Get complete CodeIgniter blog project for free!

Downloaded more than 161 times, this is full project must-study for serious developers!

By submitting this form, you agree to our Terms of Service and Privacy Policy.

PHP Secure Input Data

In this article I am going to talk about PHP Secure Input Data and secure your website more. When a user input something via URL then this function clean this and make more secure to use on the website.

Why Secure Input Data?

For preventing SQL injection  you should use this function into your website's script. Most of the hackers are using SQL Injection method to bypass a security system. So, It's one of the major parts to make your website safe. This function prevents SQL Injection and saves your website from hackers.

How to Secure Input Data?

Yes, now we are on the way to make our website safer. Create a PHP Function name as CleanQuery(); and put down this code in this function.

function CleanQuery($string)
$badWords = "(union)|(insert)|(drop)|(http)|(iframe)|(script)|(cmd)|(exec)|(system)|(curl)|(passwd)|(copy)|(alert)|(--)|(>)|(<)|(')|(^)|(#)|(%)|(php)|(wml)|(html))";
$string = eregi_replace($badWords, "", $string);
$string = preg_replace(array('/[^a-zA-Z0-9\ \-\_\/\*\(\)\[\]\?\.\,\:\&\@\=\+]/'),array('', '', ''),$string);
$string = mysql_real_escape_string(htmlspecialchars($string));
return $string;
We have created the function for clean input data. We used some words which are uses in bypass website security. When a user tries to pass these values using input $_GET or $_POST then this function automatically remove them and pass a safe value in the script.

How To Use CleanQuery(); ?

After creating this function put it into you function file that means which is using for all functions. Include this file into all of the files. Now it's ready for use.
When you pass an input into your script then clean this input using this function. example-

$id = $_GET['id'];
$inputid = CleanQuery($id);
// Cleaned Input ID
You can use it also in post method just like same as this code,

$id = $_POST['id'];
$inputid = CleanQuery($id);
// Cleaned Input ID
Now users inputs save. You can change your badWords like your targeted words. So, don't late to make your website safe, just use this function to get safe data from a user. If you have any question or comment about this PHP Secure Input Data article please don't hesitate to do that, please comment your question in comment section.

Search on PHPAns
Subscribe to PHPAns
Join with our 32000+ subscribers and get our latest articles in your email inbox for free.
Delivered by FeedBurner
We always respect your privacy and take protecting it seriously.
Connect Social With PHPAns